# Code Agent

AI Guardian is OpsMx's **AI-powered developer security tool** that finds, explains, and automatically fixes security vulnerabilities in your source code and dependencies — directly within your existing GitHub workflow. It connects to your repositories, runs SAST and SCA scans, and remediates issues by generating and raising pull requests automatically — all without requiring prior security expertise from the developer.

AI Guardian is the **pre-deployment security engine** in the OpsMx Dual-AI architecture — working alongside Argonaut (post-deployment operations) to create a complete, closed-loop security model from code to cloud.

## What Is AI Guardian

AI Guardian is a developer-facing security platform that:

* **Connects** to your GitHub repositories via a secure GitHub App integration.
* **Scans** source code and third-party dependencies automatically for known vulnerabilities.
* **Explains** each finding in plain language — no security expertise required.
* **Remediates** issues through an AI-powered interactive chat — generating code patches and raising pull requests in GitHub.
* **Monitors continuously** — auto-scanning repositories at configurable intervals so new vulnerabilities are caught as code evolves.
* **Secures pull requests** — automatically scanning every PR before it is merged, preventing new vulnerabilities from entering the main branch.

## Who Should Use AI Guardian

| Persona                 | How They Use AI Guardian                                                                                                     |
| ----------------------- | ---------------------------------------------------------------------------------------------------------------------------- |
| **Software Engineers**  | Get fast, inline feedback on code vulnerabilities — fix issues in minutes with AI-generated patches                          |
| **DevOps Teams**        | Automate security checks in CI/CD pipelines — PR scans and auto scans run continuously without manual intervention           |
| **Security Teams**      | Monitor and remediate risks across all repositories from a single dashboard — without requiring developers to switch tools   |
| **Product Owners**      | Ensure secure delivery without slowing development — AI Guardian runs in the background, surfacing only what needs attention |
| **Platform Architects** | Integrate AI-powered security into platform workflows — GitHub App integration requires no custom pipeline scripting         |

## Key Terms

| Term                   | Description                                                                                                                                        |
| ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Hub**                | A central workspace where you group related GitHub projects to manage scanning and remediation — useful for managing multiple GitHub organizations |
| **GitHub Integration** | A secure connection between AI Guardian and your GitHub account that allows access to repositories via a GitHub App                                |
| **Project**            | A specific GitHub repository and branch that you want to scan and monitor                                                                          |
| **SAST**               | Static Application Security Testing — scans source code for security vulnerabilities without running the code                                      |
| **SCA**                | Software Composition Analysis — scans third-party libraries and dependencies for known CVEs and license risks                                      |
| **AI Remediation**     | AI-generated fix for a detected security issue — reviewed in an interactive chat and applied via an automated pull request                         |
| **PR Scan**            | Automatic security scan triggered on every pull request — reports only new vulnerabilities introduced by that specific PR                          |
| **Auto Scan**          | Scheduled, recurring scans at configurable intervals — ensures continuous security monitoring without manual intervention                          |
| **Chat History**       | Persistent remediation session history — allows developers to resume an in-progress remediation if interrupted or logged out                       |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.opsmx.com/remediation-agents/code-agent.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.